PROTOCOL-ICMP -- Snort alerted on Internet Control Message Protocol (ICMP) traffic, which allows hosts to send error messages about interruptions in traffic. Administrators can use ICMP to perform diagnostics and troubleshooting, but the protocol can also be used by attackers to gain information on a network. This protocol is vulnerable to several attacks, and many administrators block it altogether, or block selective messages.
PROTOCOL-ICMP record route rr denial of service attempt
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. Impact: CVSS base score 5.0 CVSS impact score 2.9 CVSS exploitability score 10.0 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
Tactic:
Technique:
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
CVE-1999-0986The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
|
|||||||||||||||||||||||||
CVE-1999-1339Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. |
|
|||||||||||||||||||||||||
CVE-2001-0752Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. |
|
|||||||||||||||||||||||||
©2022 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
